Hello again,

I may have a common problem to solve but it seems it is harder than I
thought...

I have 2 internet providers (each one having a different gateway).
Behind the router there are around 100 clients that are SNAT-ed.

I want some clients to be SNAT-ed to the first provider, while the others to
the second one.
The following lines should work:

iptables -t nat -A POSTROUTING -s 172.17.31.81  -j SNAT --to-source
$INET_IP_1
iptables -t nat -A POSTROUTING -s 172.17.31.82  -j SNAT --to-source
$INET_IP_2

But... there is a problem... I have to make the packet (after it has been
SNAT-ed)
follow the gateway corresponding to the $INET_IP_1 or to the $INET_IP_2
respectively.

In my routing table I have only one default route... corresponding to one of
the gateways.
Is it possible to have 2 default routes? Is there a more elegant way to
solve this problem?

Is there a way to tell the routing table that every request that has the
source address $INET_IP_1
follow the $GW_1, and every request that has the source address $INET_IP_2
follow the $GW_2?

Thanks in advance,
Mihai Vlad

Mihai,
> But... there is a problem... I have to make the packet (after it has been
> SNAT-ed)
> follow the gateway corresponding to the $INET_IP_1 or to the $INET_IP_2
> respectively.
>
> In my routing table I have only one default route... corresponding to one
of
> the gateways.
> Is it possible to have 2 default routes? Is there a more elegant way to
> solve this problem?
you basically want to use the 'ip route' command, and setup 2 routing tables.

> Is there a way to tell the routing table that every request that has the
> source address $INET_IP_1
> follow the $GW_1, and every request that has the source address $INET_IP_2
> follow the $GW_2?
yup, you setup the two tables, one has GW_1 and one has GW_2, and direct traffic
into
the tables based on it's address.
take a look through the mailling list archives and doco on the web for examples.
it's not too hard.

regards,

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Damion de Soto - Software Engineer  email:     damion@snapgear.com
SnapGear - A CyberGuard Company ---    ph:         +61 7 3435 2809
  | Custom Embedded Solutions          fax:         +61 7 3891 3630
  | and Security Appliances            web: http://www.snapgear.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ---  Free Embedded Linux Distro at   http://www.snapgear.org  ---

Hi Mihai,

  You can do this by iproute and only if your box is configured as
  [*]   IP: advanced router
  You will also need ip-utils.

"ip route show" will show the main table with all your routes but
what
is most important is your default $GW_1

  So, let's now create another table, with default gateway $GW_2 then,
make a rule so all from $INET_IP_2 should follow that table :

ip route add default via $GW_2 table secondary
( if iputils will scream that doesn't know who is "secondary" create
"iproute2" in your "/etc" then in that new dir create and
edit the file
named "rt_tables" and put on the first row "10 secondary".
It should look
like this :

#cat /etc/iproute2/rt_tables
10 secondary
#

  Then make a rule which says that everything leaving your box with ip
$INET_IP_2 should go to $GW_2 :
ip rule add from $INET_IP_2 table secondary

  And that's it !

P.S. Daca iti nu iti iese da-mi un mail si vedem care e buba !

> Hello again,
>
> I may have a common problem to solve but it seems it is harder than I
> thought...
>
> I have 2 internet providers (each one having a different gateway).
> Behind the router there are around 100 clients that are SNAT-ed.
>
> I want some clients to be SNAT-ed to the first provider, while the others
> to
> the second one.
> The following lines should work:
>
> iptables -t nat -A POSTROUTING -s 172.17.31.81  -j SNAT --to-source
> $INET_IP_1
> iptables -t nat -A POSTROUTING -s 172.17.31.82  -j SNAT --to-source
> $INET_IP_2
>
> But... there is a problem... I have to make the packet (after it has been
> SNAT-ed)
> follow the gateway corresponding to the $INET_IP_1 or to the $INET_IP_2
> respectively.
>
> In my routing table I have only one default route... corresponding to one
> of
> the gateways.
> Is it possible to have 2 default routes? Is there a more elegant way to
> solve this problem?
>
> Is there a way to tell the routing table that every request that has the
> source address $INET_IP_1
> follow the $GW_1, and every request that has the source address $INET_IP_2
> follow the $GW_2?
>
> Thanks in advance,
> Mihai Vlad
>
>
>
>
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>


Adrian Saileanu
Netmaster Communications Srl

address: Str. Ion Brezoianu Nr. 20
Sector 1, Bucuresti, Romania

office: +40 21 315 92 00
mobile: +40 723 979 586
email:   adrian@smartcall.ro